OASB
v1.0
Controls/Capability & Authorization/2.4
L2 StandardForward-looking

2.4 No Implicit Trust Escalation

2. Capability & AuthorizationWhat can this agent do?

Description

Trust MUST NOT transitively escalate between agents.

Rationale

Transitive trust creates attack paths where compromising one agent leads to access to others.

Audit Procedure

1. Map all agent-to-agent trust relationships
2. Identify transitive trust chains
3. Test for trust escalation

Remediation

1. Implement explicit trust grants
2. Validate identity at each hop
3. Use trust scoring that degrades with hops

Framework Mappings

CIS Control 6.4NIST PR.AC-4
Previous2.3 Capability BoundariesNext2.5 Human-in-the-Loop for Sensitive Actions